The revelation made on Twitter left the infosec community inflamed and curious.
On Monday (11 December), Ian Beer published details of his ‘async_wake’ exploit along with a proof of concept, and tweeted that he had tested the exploit on the iPhone 7, iPhone 6s and iPod touch 6G, adding that “adding more support should be easy”.
As detailed in Project Zero’s bug repository, the issue Beer found relates to a memory flaw in IOSurface, a kernel extension.
What Beer has released isn’t a full jailbreak, but it is enough to allow security researchers to bypass the software restrictions imposed by Apple and test a relatively new version of iOS.
iOS 11.1.2 is no longer the current version of iOS, as Apple released iOS 11.2 on December 2, but Apple is still signing iOS 11.1.2 at this time. Apple will likely stop signing the older update in the near future, and it may do so sooner now that further information on the tfp0 exploit has been released.
iOS exploits are rare, and the iPhone is still considered one of the hardest consumer devices to hack or jailbreak. This makes Beer’s exploit all the more valuable. In the past, researchers have been known to sell iOS exploits for significant sums. Companies such as Zerodium, which broker such exploits, have previously offered bounties of up to $1.5 million to hackers who could find iOS zero-day vulnerabilities.
Jailbreaking iOS devices has dwindled in popularity in recent years, which has led two major Cydia repositories to close. Both ModMy and ZodTTD/MacCiti, which provided apps, themes, tweaks and more for jailbroken iOS devices, shut down in November. For the time being, iOS 11 remains the only major version of iOS that has not been jailbroken.